by Tataye
See also Ulysses
Written in Delphi
Released in March 2003
Made in Rumania
Server:
dropped files:
c:\WINDOWS\SYSTEM\WBEM\wb.com
c:\WINDOWS\SYSTEM\COM\mscom32.com
size: 122.880 bytes
port: 666 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{45DD0432-AA51-31EF-EEFA-06AA12E6115C} "StubPath"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run "COM Service"
added:
c:\WINDOWS\SYSTEM\kl.dli
MegaSecurity